Towards an Efficient Log Data Protection in Software Systems through Data Minimization and Anonymization

Files in This Item:
 File SizeFormat
Downloadaportillod_CONISOFT_2019.pdf623.89 kBAdobe PDF
Title: Towards an Efficient Log Data Protection in Software Systems through Data Minimization and Anonymization
Authors: Portillo Dominguez, Andres OmarAyala-Rivera, Vanessa
Permanent link: http://hdl.handle.net/10197/12346
Date: 25-Oct-2019
Online since: 2021-07-23T15:47:20Z
Abstract: IT infrastructures of companies generate large amounts of log data every day. These logs are typically analyzed by software engineers to gain insights about activities occurring within a company (e.g., to debug issues exhibited by the production systems). To facilitate this process, log data management is often outsourced to cloud providers. However, logs may contain information that is sensitive by nature and considered personal identifiable under most of the new privacy protection laws, such as the European General Data Protection Regulation (GDPR). To ensure that companies do not violate regulatory compliance, they must adopt, in their software systems, appropriate data protection measures. Such privacy protection laws also promote the use of anonymization techniques as possible mechanisms to operationalize data protection. However, companies struggle to put anonymization in practice due to the lack of integrated, intuitive, and easy-to-use tools that accommodate effectively with their log management systems. In this paper, we propose an automatic approach (SafeLog) to filter out information and anonymize log streams to safeguard the confidentiality of sensitive data and prevent its exposure and misuse from third parties. Our results show that atomic anonymization operations can be effectively applied to log streams to preserve the confidentiality of information, while still allowing to conduct different types of analysis tasks such as users behavior, and anomaly detection. Our approach also reduces the amount of data sent to cloud vendors, hence decreasing the financial costs and the risk of overexposing information.
Type of material: Conference Publication
Publisher: IEEE
Copyright (published version): 2019 IEEE
Keywords: Data privacyData protectionSoftware engineering
DOI: 10.1109/conisoft.2019.00024
Other versions: http://conisoft.org/2019/
Language: en
Status of Item: Peer reviewed
Is part of: Juárez-Ramírez, R., Fernández y Fernández, C., Jiménez, S., Ramírez-Noriega, A., Pérez González, H., Licea Sandoval, G., Guerra-García, C. (eds.). 2019 7th International Conference in Software Engineering Research and Innovation (CONISOFT), Mexico City, Mexico, 23-25 October 2019: Proceedings
Conference Details: The 2019 7th International Conference in Software Engineering Research and Innovation (CONISOFT), Mexico City, Mexico, 23 -25 October 2019
ISBN: 978-1-7281-2524-4
This item is made available under a Creative Commons License: https://creativecommons.org/licenses/by-nc-nd/3.0/ie/
Appears in Collections:Computer Science Research Collection

Show full item record

Page view(s)

187
Last Week
6
Last month
16
checked on Sep 23, 2021

Download(s)

19
checked on Sep 23, 2021

Google ScholarTM

Check

Altmetric


If you are a publisher or author and have copyright concerns for any item, please email research.repository@ucd.ie and the item will be withdrawn immediately. The author or person responsible for depositing the article will be contacted within one business day.